Linked by Thom Holwerda on Thu 22nd May 2008 18:21 UTC
Coverity has published the 2008 edition of its Open Source Report. The report uses static code analysis on C, C++, and Java source code to determine the quality of the code. These reports are funded by the US Department of Homeland Security and supported by Stanford University, and are part of the US government's Open Source Hardening Project. The report is based on over two years' worth of data from Coverity Scan.
Permalink for comment 315310
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-07-08
Coverity is vastly superior to any other static analysis tool on the market. It does inter-procedural analysis (following semantic paths across function and library calls), incremental analysis (only scans paths that changed since the last scan), concurrency checking, locking consistency, enforcement of arbitrary coding standards, and much more.
My favorite aspect of Coverity is the web-based interface that combines a syntax-highlighted, hyperlinked source browser with a step-by-step trace of the path leading to the selected defect inlined right into the code. As someone who has previously worked on integrating far less user-friendly static analysis tools into commercial development projects, Coverity is a thing of beauty.
Edited 2008-05-23 01:11 UTC